You can also create a Windows installer USB stick, boot off of that, and start its command line to access the files on the installed Windows system. There you can copy CMD.exe over the file path of the accessibility options app.
Then boot back to your installed system’s login screen and hit the button for accessibility options, which now opens a working command line logged into the installed system with admin rights. You can use that to reset your admin password.
This hack has worked in some form since Windows 3.11 .
It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.
At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.
Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.
You can’t really prevent physical access to a machine. Using Bitlocker is a lot better recommendation, because it prevents this kind of attack in most of the cases.
You can also create a Windows installer USB stick, boot off of that, and start its command line to access the files on the installed Windows system. There you can copy CMD.exe over the file path of the accessibility options app.
Then boot back to your installed system’s login screen and hit the button for accessibility options, which now opens a working command line logged into the installed system with admin rights. You can use that to reset your admin password.
This hack has worked in some form since Windows 3.11 .
This sort of nonsense right here is why infosec people warn about having physical access to machines
It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.
At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.
Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.
You can’t really prevent physical access to a machine. Using Bitlocker is a lot better recommendation, because it prevents this kind of attack in most of the cases.